PDA

View Full Version : Wireless Network Security Question



Sombeech
09-14-2007, 06:55 PM
So, if I've got a wireless router that is insecure, and somebody is in front of my house with a laptop doing some sort of illegal transaction, download, or financial hacking, does that show on my records?

Of course, I'm secure, but I've been wondering this. Would my ISP have record that I actually did this, or is there a way to track it to the perp's IP address to clear my name?

Just curious how that works. Just curious if the new "untraceable" method is via laptop cruising around neighborhoods, or if you can ultimately tell which machine it went to, not just which internet account.

greyhair biker
09-14-2007, 09:05 PM
i have never seen any proof of a 'record' that someone used my unsecure router. OF course, I have one now but for months I didnt and I know of several homeowners around me that dont either...simply because I have accessed them from my shop...sorry for all the purists out there, but the way I look at it, someone probably used mine for a while before I changed it and I dont really have a problem with it....anyone want the chance to change my mind here they are welcome to go for it. :mrgreen:
...now, another thing I have done is -while on a trip - driven into a hotel parking lot and hooked up to their system (if its unsecure) and check mail & stuff....so, am I gonna go to hell for this??

sparker1
09-15-2007, 03:49 AM
I occasionally use an anonymous unsecured network while traveling, either a motel/hotel hot spot or sometimes an RV that may have a broadband connection and a router. Some RV'ers intentionally make their network available, just because they're good guys. However, I don't know if I leave tracks on their system or if it appears they are the ones hitting all the porn sites.

accadacca
09-15-2007, 05:47 AM
I don't know if I leave tracks on their system or if it appears they are the ones hitting all the porn sites.
:lol8: :lol8: :lol8:

JP
09-15-2007, 06:20 AM
and somebody is in front of my house with a laptop doing some sort of illegal transaction
Walk outside and introduce yourself and start asking who they are and who they know in the neighborhood :haha: They'll get tired of your presence and move on :haha:


However, I don't know if I leave tracks on their system or if it appears they are the ones hitting all the porn sites.
Something about tracks and porn used in the same sentence :haha:

asdf
09-15-2007, 02:03 PM
Would my ISP have record that I actually did this, or is there a way to track it to the perp's IP address to clear my name?

Well your router would be the one giving them the IP address and your ISP is wont keep track of that. I doubt that ISP's keep track of the MAC address that connect to their network :ne_nau:
I would guess that if malicious activity came from your modem/router regardless of security level... your are going to take the fall. They will see it as if came from the IP they leased to you.



...now, another thing I have done is -while on a trip - driven into a hotel parking lot and hooked up to their system (if its unsecure) and check mail & stuff....so, am I gonna go to hell for this??

From what I understand if you go out of your way (drive a car) to get connected to a non public wireless network its illegal. But if you can pick it in your apartment or home its free game. I am sure the laws makers are working on this one..... so yes you are going to hell :haha:

I have a buddy who does pci credit card certifications for web sites (mostly poron sites. The data I have seen him pull from unsecured and WEP secured wireless network scares me. I am a wired man! something about Cat5 running the house make me feel more like a man.

:roflol:

ericchile
09-16-2007, 08:32 AM
So I think the courts have ruled in cases with RIAA and MPAA that you have to prove that it wasn't you using that IP connection.

The way it works is that your router has the IP address assigned by the ISP. In the router a DCHP controller assigns other ip addresses to their clients. This is know as NAT. Your ISP knows nothing about the clients on the router. This is good because you can share your connection with who ever you please. Keep in mind that WEP encryption is easily broken.

But the way most people get "busted" is the RIAA or MPAA contacts the ISP and demands that they give customer information (without warrant by the way) and they bring civil suit. Civil suits are different in the fact that you have to proof that you are not guilty. Most settle out of court for around 2k.

So yes you could be sued for what goes on with your IP address. Can you fight it and win... yes with a lot of work. Better not to get sued.

But I share mine with my neighbors.

asdf
09-16-2007, 10:04 AM
Has anyone seen a wifi antenna made from a Pringles can?
NO joke, it really works. This way you don't need to park directly in front of Beech's house... you can hang out down the block :roflol:

http://www.turnpoint.net/wireless/has.html

http://www.turnpoint.net/wireless/images/pringlesonstand.jpg

stefan
09-16-2007, 10:57 AM
Has anyone seen a wifi antenna made from a Pringles can?
NO joke, it really works. This way you don't need to park directly in front of Beech's house... you can hang out down the block :roflol:

http://www.turnpoint.net/wireless/has.html

http://www.turnpoint.net/wireless/images/pringlesonstand.jpg

yeah, something about the can's geometry being ideal for receiving these types of signals. i hear (?) they've been found to work for upto 2 miles.

sparker1
09-16-2007, 11:39 AM
Food strainers (often found in Chinese kitchens) are sometimes used as a WIFI antenna.

greyhair biker
09-16-2007, 02:28 PM
just for point of clarification....I never had a problem with sharing my hookup with my neighbors ( I liked my neighbors) when I started...we pretty much spearheaded getting DSL in our area so I kinda felt 'obligated' to share - that, and Im just a nice guy :haha: But, I'm not stupid(sorry) I know there came a point at which I must protect myself from intrusion/identity problems/whathaveyou as technology advances to the next level so I encrypted when Qwest updated their speeds -
...I have noticed that the more users on a certain system, the more access slows - I dont know what that is called, Ive just noticed that, and I like speed.
... would'nt it be great if access to the net was available from anywhere in the city from a 'tower' or 'site' in stratigic locations - that you could access for free, regardless of who you are, just as a 'service' for being a resident of that community- I know that takes out a whole new field of 'jobs' in the service industry but ....me just contemplating... :ne_nau:

greyhair biker
09-16-2007, 03:05 PM
I'm sure he's already seen this one (or not) but the guys' incredible!

http://www.youtube.com/watch?v=ATub40Npxik

greyhair biker
09-16-2007, 03:07 PM
HEY - that wasnt supposed to happen! sorry, didnt want it in here....

sparker1
09-16-2007, 04:56 PM
Some towns are installing WIFI antennae to provide access to everyone. I predict that will eventually happen all over.

Sombeech
09-17-2007, 03:22 PM
Some towns are installing WIFI antennae to provide access to everyone. I predict that will eventually happen all over.

That seems the way of the future. Community fee, just like water, power, garbage....

If it can keep up with the bandwidth demands, great. The only opposition would be the ISPs themselves, seeing their profit margins go down.

CarpeyBiggs
09-17-2007, 03:24 PM
Some towns are installing WIFI antennae to provide access to everyone. I predict that will eventually happen all over.

That seems the way of the future. Community fee, just like water, power, garbage....

If it can keep up with the bandwidth demands, great. The only opposition would be the ISPs themselves, seeing their profit margins go down.

Indeed. I work for iProvo, which the city owns. You have no idea the can of worms that the private sector will open up on this issue. It's a volatile topic, fo' sho'.

Sombeech
09-17-2007, 07:22 PM
All this talk has gotten me curious... What if I bought a wireless card for my PC, @$50, and just fed off of the 3 unsecured wireless connections around me?

Is there anyway they could detect me? I guess if I was uploading files and videos, eating the bandwidth, then they might look into it.

But could they ever find out that I was tapping into their wireless? I could save about 50 bucks a month. :nod:

greyhair biker
09-17-2007, 07:31 PM
I use my laptop almost exclusively....wireless feed, and it has a growing list of servers it has tapped into from all over the intermountain area...three are in town. BUT I agree that it's like a train ride...the train is heading to a destination anyway. you can hitch a ride and not make any difference to the load the train is carrying - still doesnt make it ethically right to 'hitch' without paying. Yeah, I know, sounds like Ive contradicted myself with earlier posts - I feel really bad...I wont do it for personal or commercial gain...sorta like pirating music or ANY OTHER service out there. :mrgreen:

Sombeech
09-17-2007, 07:33 PM
I will agree that if I'm taking a bunch of bandwidth, which I probably would with my video uploads, that it would be unfair to the user who's paying.

I'll probably end up finding out who it is, and offer to split the bill.


....if I actually get a wireless card.

But still, is there any way to detect who's using your wireless network?

greyhair biker
09-17-2007, 07:52 PM
Okay bro, this link.
http://www.cheap-computers-guide.com/what-is-wardriving.html
gives a good description of what we're into. Live and learn :2thumbs:

asdf
09-17-2007, 08:59 PM
But still, is there any way to detect who's using your wireless network?

As long as your router has some sort of MAC address control or MAC filtering you will be able to allow only the MACs you want to access your router. You should also be able to see what MACs are connected to your router.

Sombeech
09-17-2007, 09:03 PM
But still, is there any way to detect who's using your wireless network?

As long as your router has some sort of MAC address control or MAC filtering you will be able to allow only the MACs you want to access your router. You should also be able to see what MACs are connected to your router.

Can you define a MAC for me please?

asdf
09-18-2007, 04:41 AM
As with many technical terms, MAC is an acronym. It stands for Media Access Control address. This is a 12-character address that maps to a physical component such as your broadband router, wireless access card, network card and so on. The number is unique with the first half of the address representing the device manufacturer. For example, a MAC address starting with 00-06-25 is identified with Linksys.

Since the MAC address is unique, it can be used as a filtering mechanism to keep devices on or off your wireless network. Most 802.11 wireless networks will allow or deny access to specific MAC addresses. On my Linksys router, I enabled MAC filtering and entered the three MAC addresses that I want to connect to my network. Each of these MAC addresses belongs to a device that we regularly use. If a device tries to connect with a MAC address that is not on that list, it will be blocked.


http://en.wikipedia.org/wiki/MAC_address

If you are using WindersXP. Start Run, cmd, then click OK. At the command line type ipconfig/all then press enter. The Physical Address is your MAC address.

sparker1
09-18-2007, 05:35 AM
So, if a person allows all MACs when setting up his network, you might reason that he intends for others to use it...right? As far as knowing the MAC of a user, is it stored anywhere? Realistically, he may know my number but still not have a clue who I am or where I am...right?

asdf
09-18-2007, 06:04 AM
So, if a person allows all MACs when setting up his network, you might reason that he intends for others to use it...right?

Right ... or they dont know how to set up their router.


As far as knowing the MAC of a user, is it stored anywhere?

Depends on the router.


Realistically, he may know my number but still not have a clue who I am or where I am...right?

Well.... he is going to know that you are close if you are on his wifi. Also if your doing something illegal your mac addresses is a unique identifier unlike an IP address.

sparker1
09-18-2007, 12:53 PM
Thanks, summit.

ericchile
09-18-2007, 03:17 PM
I will agree that if I'm taking a bunch of bandwidth, which I probably would with my video uploads, that it would be unfair to the user who's paying.

I'll probably end up finding out who it is, and offer to split the bill.


....if I actually get a wireless card.

But still, is there any way to detect who's using your wireless network?

You sound like a perfect neighbor. Do you want to move next to me?

If you find a cheap VPN service you can surf their wireless and they can't tell what your doing.... Otherwise they can snoop a lot of passwords etc.

On a side note.... anyone ever successfully done a DNS proxy at the SLC airport wifi?

Grayhair do you have an antenna that you use to jump on those routers?




Since the MAC address is unique, it can be used as a filtering mechanism to keep devices on or off your wireless network.

That works ok until you have someone sniffing packets looking at the broadcasted mac address. Then you just clone the mac address on cards that can....

CarpeyBiggs
09-18-2007, 03:31 PM
Just a little information... Borrowing a ride on someone else's wireless network is always illegal, even if they give you permission. It falls under the same category as cable tv. Even if you neighbor lets you split his cable signal, it is still illegal. And splitting the bill between the two of you? Also illegal.

Now, if you are hitching a ride on a public network that is designated for public use by a service provider, that is a different argument altogether (say in a library).

sparker1
09-18-2007, 05:10 PM
Just a little information... Borrowing a ride on someone else's wireless network is always illegal, even if they give you permission. It falls under the same category as cable tv. Even if you neighbor lets you split his cable signal, it is still illegal. And splitting the bill between the two of you? Also illegal.

Now, if you are hitching a ride on a public network that is designated for public use by a service provider, that is a different argument altogether (say in a library).

So, how is it different at an internet cafe or RV park with WIFI? Some charge and some don't, but lots of people are sharing one access.

KillEmAll
09-18-2007, 07:45 PM
One thing to keep in mind with MAC filtering is it is unencrypted and anyone can easily spoof a MAC address. Since the MAC is sent unencrypted over the air anyone with the most basic of software can detect YOUR MAC address and mimic you. Even if you are encrypting your network, your MAC address is sent unencrypted, available for anyone to capture and mimic.

Sombeech
09-18-2007, 08:51 PM
So if I only allow 2 MAC addresses, somebody on the street couldn't use my router even if they knew the password because their MAC address wasn't on the list?

KillEmAll
09-18-2007, 09:02 PM
So if I only allow 2 MAC addresses, somebody on the street couldn't use my router even if they knew the password because their MAC address wasn't on the list?
Yes. But what I was saying is that your MAC address is broadcasted out to the world unencrypted, so a smart hacker would just capture it and mimic you, granting access to your router. Your router couldn't tell me from you. This is called MAC address spoofing and is one of the easiest things to hack.

KillEmAll
09-18-2007, 09:06 PM
One other thing though, blocking by MAC address can cut down on drive-by access if your laptop was off or with you since it's the wireless card and not the router that is broadcasting the MAC address. The person driving by would somehow have to know the MAC address.

Sombeech
09-18-2007, 09:06 PM
This is called MAC address spoofing and is one of the easiest things to hack.

Easier than the WEP key? Of course, usually the free loaders will just keep driving until they find the unsecure network, but it seems like there are all kinds of ways to hack in.

If they want in, they'll get in. And it's sounding like the wireless is the easiest point to breach any system.

KillEmAll
09-18-2007, 09:17 PM
This is called MAC address spoofing and is one of the easiest things to hack.

Easier than the WEP key?

Much, much easier. I caught my neighbors dog doing it once. MAC addresses weren't meant to be part of wireless security, which is why they are not encrypted.

Sombeech
09-18-2007, 09:19 PM
This is called MAC address spoofing and is one of the easiest things to hack.

Easier than the WEP key?

I caught my neighbors dog doing it once.

On your network?

KillEmAll
09-18-2007, 09:22 PM
This is called MAC address spoofing and is one of the easiest things to hack.

Easier than the WEP key?

I caught my neighbors dog doing it once.

On your network?

yes, that too

Sombeech
09-18-2007, 09:26 PM
Man, if my neighbors were savvy enough to try and hack my MAC, I'd probably unplug the router.

CarpeyBiggs
09-18-2007, 09:35 PM
Just a little information... Borrowing a ride on someone else's wireless network is always illegal, even if they give you permission. It falls under the same category as cable tv. Even if you neighbor lets you split his cable signal, it is still illegal. And splitting the bill between the two of you? Also illegal.

Now, if you are hitching a ride on a public network that is designated for public use by a service provider, that is a different argument altogether (say in a library).

So, how is it different at an internet cafe or RV park with WIFI? Some charge and some don't, but lots of people are sharing one access.

They probably buy a business connection from the ISP which allows multiple connections from different users. If not, I'd guess they are just doing it out of ignorance.

Sombeech
09-18-2007, 09:38 PM
Can your ISP detect the MAC addresses on your router? If so, they'd probably use that info to prosecute you if you were purposely sharing, but technically I don't think that's any of their damned business.

CarpeyBiggs
09-18-2007, 09:42 PM
Can your ISP detect the MAC addresses on your router? If so, they'd probably use that info to prosecute you if you were purposely sharing, but technically I don't think that's any of their damned business.

Nope, they shouldn't know the difference, save the mac address of your router that connects to their device...

asdf
09-19-2007, 05:55 AM
MAC addresses weren't meant to be part of wireless security

I was not suggesting that mac filtering is a great security option but that on a lot of routers you can see the mac address of the computers connected. If you are not filtering macs odds are that someone is not going to go out to their way to find yours and spoof it.

Keep in mind people hack into the large corporations and government facilities.... bottom line is nothing is hack proof.


They probably buy a business connection from the ISP which allows multiple connections from different users. If not, I'd guess they are just doing it out of ignorance.

Hey Dan,
So if you came over to my place and used my wifi would that be illegal?
ya know... technically?

stefan
09-19-2007, 06:10 AM
Hey Dan,
So if you came over to my place and used my wifi would that be illegal?
ya know... technically?

i'd be shocked if that were the case. that would be inane. i mean, i see the fine line that's being drawn here. but the line should certainly be drawn above visitors to your home, even frequent visitors.

Alex
09-19-2007, 06:26 AM
You guys are confusing the hell out of poor Beech. Don't scare him off into unplugin his router. You guys are blowing this whole security scare way out of a proportion. The first rule of a kiddie hacker is to hit the easiest target and not the one that doesn't broadcast, has a WEP key or MAC filtering enabled.

God knows there are still enough totally open access points for wardriving. :roll:

ericchile
09-19-2007, 08:09 AM
You guys are confusing the hell out of poor Beech. Don't scare him off into unplugin his router. You guys are blowing this whole security scare way out of a proportion. The first rule of a kiddie hacker is to hit the easiest target and not the one that doesn't broadcast, has a WEP key or MAC filtering enabled.

God knows there are still enough totally open access points for wardriving. :roll:

Amen...

I have a wrt type router by linksys. It does cool things like run linux on custom firmware available on the web. It also has a hotspot like functionality where you can have a webpage show up on "unauthorized" users. So for instance, if my neighbor has a family member visiting that sees my router and trys to get on, a web page will come up and tell him to come knock on my door an introduce himself and I will give him the connection info.

Also I can do cool things like SSH from work and use it as a proxy!:naughty:

http://www.dd-wrt.com

Anyone else have a router like this?


Also there is the whole fon movement that is interesting too.. Search Google.

Beech run your router how you want... if you notice any peeps parking in front of your house (very unlikely) just go talk to them...

CarpeyBiggs
09-19-2007, 08:23 AM
Hey Dan,
So if you came over to my place and used my wifi would that be illegal?
ya know... technically?

Nope, just like if someone comes over to your house to watch your cable TV. But if you are sharing it between residences, then yes, it is illegal. Cable TV is kind of the precedent, and basis for internet regulations. The lines will only continue to get more blurry though, as wireless access becomes more universal.